Scribd Logo
Upload

Welcome to Scribd!

  • Rough CMS

    Uploaded by

    Quratulain Tariq
    13 views2 pages
    The document lists administrative login pages and URLs for potential vulnerabilities on various websites. It also provides notes on attempts to exploit outdated plugins, upload webshells, and use SQL injections on government websites without success. Specific plugins, exploits, and websites tested are named.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document lists administrative login pages and URLs for potential vulnerabilities on various websites. It also provides notes on attempts to exploit outdated plugins, upload webshells, and use SQL injections on government websites without success. Specific plugins, exploits, and websites tested are named.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views2 pages

    Rough CMS

    Uploaded by

    Quratulain Tariq
    The document lists administrative login pages and URLs for potential vulnerabilities on various websites. It also provides notes on attempts to exploit outdated plugins, upload webshells, and use SQL injections on government websites without success. Specific plugins, exploits, and websites tested are named.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Admin panels of some sites:

    https://payonwork.com/wp-login.php?redirect_to=https%3A%2F%2Fpayonwork.com%2Fwp-admin
    %2F&reauth=1

    https://www.ensuretech.com/wp-login.php

    https://pashto.app.com.pk/pashto/wp-login.php?redirect_to=https%3A%2F%2Fpashto.app.com.pk
    %2Fpashto%2Fwp-admin%2F&reauth=1

    https://vulmon.com/exploitdetails?
    qidtp=packetstorm_exploits&qid=0b89a8f9aa88bf8e0fe15aafb9765d40

    exploit of contarct 7 on

    view-source:https://www.plddb.pk/

    mine: 5.5.6 but explois found in 5.3.1

    Tried on
    payonwork

    www.plddb.pk (above)

    https://pashto.app.com.pk/

    https://qsc.com.pk/

    (https://designyourown.pk, icegram 2.1.4, https://wpscan.com/vulnerability/46ed56db-9b9d-4390-


    80fc-343a01fcc3c9)

    GOV WEBSITES and details

    1) https://pcsi.gov.pk/ has an outdated plugin MetaSlider but for it we need admin credentials
    (tried sql payloads too) https://wpscan.com/vulnerability/c88c85b3-2830-4354-99fd-
    af6bce6bb4ef

    Considered
    Found no specific exploit and had to do research on AJAX so I left.

    Also tried

    https://www.exploit-db.com/exploits/50882

    but coun’t exploit any.

    Trying to upload webshell

    dsu.edu.pk – couldn’t upload shell

    You might also like